Given Chrome has more than one
billion users, this change to Chrome is likely to pressure website operators to
at least consider enabling site-wide HTTPS.

Chrome will also call out
companies that aren't doing the basics of protecting sensitive user information
by collecting information on an unencrypted connection.

Until now, Chrome only showed a
neutral grey indicator on an HTTP page, which Google's Chrome security team
thinks doesn't accurately represent the total lack of security HTTP offers.

For example, if you're on a Wi-Fi
hotspot, a third-party on that network can tamper with the contents of an HTTP
page. HTTPS on the other hand can mitigate the threat of man-in-the-middle
attacks, or surveillance techniques.

With this update, Google alsopaid out$53,837 to security researchers in its bug bounty program
for Chrome. Google fixed a total of 51 security bugs in earlier versions of
Chrome.

If you visit Google or any of its
other pages and click the padlock icon to reveal and view the certificate, it
will state the certificate was issued by Google Internet Authority G2 or GIAG2,
rather than, say, another large CA, such as Symantec or GoDaddy. It's not clear
whether Google will provide CA services to third-party sites.

As one commenter onHacker News pointed out,
this move gives Google one more key piece of the internet's infrastructure:
"You can now have a website secured by a certificate issued by a Google
CA, hosted on Google web infrastructure, with a domain registered using Google
Domains, resolved using Google Public DNS, going over Google Fiber, in Google
Chrome on a Google Chromebook. Google has officially vertically integrated the
internet."